Listing All DNS Records in a Domain Using dig

Last updated: March 18, 2024

Reviewed by: Grzegorz Piwowarek
Baeldung Pro – Linux – NPI EA (cat = Baeldung on Linux)
announcement - icon

Learn through the super-clean Baeldung Pro experience:

>> Membership and Baeldung Pro.

No ads, dark-mode and 6 months free of IntelliJ Idea Ultimate to start with.

Partner – Orkes – NPI EA (tag=Kubernetes)
announcement - icon

Modern software architecture is often broken. Slow delivery leads to missed opportunities, innovation is stalled due to architectural complexities, and engineering resources are exceedingly expensive.

Orkes is the leading workflow orchestration platform built to enable teams to transform the way they develop, connect, and deploy applications, microservices, AI agents, and more.

With Orkes Conductor managed through Orkes Cloud, developers can focus on building mission critical applications without worrying about infrastructure maintenance to meet goals and, simply put, taking new products live faster and reducing total cost of ownership.

Try a 14-Day Free Trial of Orkes Conductor today.

1. Overview

The Domain Name System (DNS) is the phonebook of the Internet. DNS is a hierarchical and distributed naming system for computers, services, and other resources on the Internet. Furthermore, it’s partitioned into several different zones called DNS zones, where each zone is used to host the records for a particular domain.

In this tutorial, we’ll learn how to use the dig command to list all DNS records in a domain.

2. DNS Records

All computers on the Internet find and communicate with one another by using IP addresses. Moreover, DNS translates domain names into IP addresses so computers can communicate with each other.

A DNS record is an entry in a DNS database that maps a domain name to an IP address. In addition, it provides additional routing and resolution information about a domain.

Every DNS record has a type that defines the content of the record. Furthermore, there are many different types of DNS records, and most of them are used only occasionally. However, only a couple of record types are used frequently. Common DNS record types are:

  • NS: the record contains the names server for a DNS entry
  • A: the record contains the IPv4 address for a domain
  • AAAA: the record contains the IPv6 address for a domain
  • MX: the record contains the mail exchange server for a domain
  • CNAME: the record maps a domain to another domain
  • TXT: the record contains text notes
  • SRV: the record contains information about the location of a particular service

Now, let’s look at an A record entry:

yahoo.com.  1452  IN  A  74.6.231.20

Thus, this record shows the IP addresses associated with the domain name yahoo.com.

3. The dig Command

The dig (Domain Information Groper) command obtains DNS-related information for a given domain. It performs DNS lookups by querying name servers and displays the results concerning the various DNS records it finds.

3.1. Installation

The dig utility is available on Linux and macOS. Most Linux distributions include it by default so that we can use it immediately. If it isn’t installed, we can install it from the command line.

To install it in Debian-based Linux systems, we can use the apt package manager:

$ sudo apt-get install dnsutils

For Fedora-based distributions, we can use the yum package manager:

$ sudo yum install bind-utils

3.2. Syntax

Let’s look at the dig command’s syntax:

$ dig [server] [name] [type]

The [server] argument is the IP address or hostname of the name server to query. It’s optional, and if we don’t provide one, then dig uses the name server listed in /etc/resolv.conf. The [name] argument is the name of the resource record that is to be looked up, and [type] is the type of query requested by dig.

For example, type can be an A record or any other type. By default, the dig command performs a lookup for the A record if no type argument is determined.

3.3. Sample Command

Now, let’s perform a DNS lookup for a domain name by passing the name along with the dig command:

$ dig yahoo.com

; <<>> DiG 9.18.1-1ubuntu1.3-Ubuntu <<>> yahoo.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42357
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

...

;; ANSWER SECTION:
yahoo.com.		5	IN	A	74.6.143.25
yahoo.com.		5	IN	A	74.6.231.21
yahoo.com.		5	IN	A	98.137.11.163
yahoo.com.		5	IN	A	74.6.143.26
yahoo.com.		5	IN	A	74.6.231.20
yahoo.com.		5	IN	A	98.137.11.164

The output contains the A records and other information like the installed dig version, technical details about the results, and statistics about the query, along with a few other items.

4. List All DNS Records Using dig

To list all DNS records in the domain zone, we use the type any switch of dig:

$ dig [name] any

For instance, let’s find all DNS records for yahoo.com:

$ dig yahoo.com any

Let’s see the output:

;; ANSWER SECTION:
yahoo.com.		117920	IN	NS	ns5.yahoo.com.
yahoo.com.		117920	IN	NS	ns1.yahoo.com.
yahoo.com.		117920	IN	NS	ns4.yahoo.com.
yahoo.com.		117920	IN	NS	ns2.yahoo.com.
yahoo.com.		117920	IN	NS	ns3.yahoo.com.
yahoo.com.		1287	IN	MX	1 mta6.am0.yahoodns.net.
yahoo.com.		1287	IN	MX	1 mta5.am0.yahoodns.net.
yahoo.com.		1287	IN	MX	1 mta7.am0.yahoodns.net.
yahoo.com.		1452	IN	A	74.6.231.20
yahoo.com.		1452	IN	A	74.6.231.21
yahoo.com.		1452	IN	A	74.6.143.26
yahoo.com.		1452	IN	A	74.6.143.25
yahoo.com.		1452	IN	A	98.137.11.164
yahoo.com.		1452	IN	A	98.137.11.163

In the above example, we queried all DNS records for the domain yahoo.com using the type any. There, we see that the name servers for yahoo.com are ns1.yahoo.com through ns5.yahoo.com.

Moreover, if the any option isn’t working with the dig command, we can list specific types of DNS records one by one.

We can use the name of the DNS record we want to view along with the dig command. For example, let’s display all the IPv4 addresses associated with the yahoo.com domain:

$ dig yahoo.com A
; <<>> DiG 9.18.18-0ubuntu2.1-Ubuntu <<>> yahoo.com A
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48593
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;yahoo.com.			IN	A

;; ANSWER SECTION:
yahoo.com.		1778	IN	A	98.137.11.163
yahoo.com.		1778	IN	A	74.6.143.26
yahoo.com.		1778	IN	A	74.6.143.25
yahoo.com.		1778	IN	A	74.6.231.20
yahoo.com.		1778	IN	A	74.6.231.21
yahoo.com.		1778	IN	A	98.137.11.164
...output truncated...

Similarly, let’s see the mail servers that are responsible for receiving mail for the yahoo.com domain:

$ dig yahoo.com MX
;; ANSWER SECTION:
yahoo.com.		1800	IN	MX	1 mta5.am0.yahoodns.net.
yahoo.com.		1800	IN	MX	1 mta6.am0.yahoodns.net.
yahoo.com.		1800	IN	MX	1 mta7.am0.yahoodns.net.
...output truncated...

Furthermore, we can also list multiple DNS records together using a script:

for type in A AAAA MX NS TXT ; do
  dig yahoo.com $type
done

Here, the script displays the IPv4, IPv6, mail servers, DNS servers, and text associated with yahoo.com.

5. Conclusion

DNS records of various types provide important information about a hostname or domain. In this article, we learned how to list all DNS records for a domain using the dig command.